package servlet;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Servlet implementation class LoginServlet
 */
@WebServlet("/LoginServlet2")
public class LoginServlet2 extends HttpServlet {
	private static final long serialVersionUID = 1L;

	protected void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		response.setContentType("text/html;charset=utf-8");

		// response.setCharacterEncoding("utf-8");

		request.setCharacterEncoding("utf-8");

		String username = request.getParameter("username");

		System.out.println(username);
		String password = request.getParameter("password");
		System.out.println(password);
		
		
//		request.setAttribute("username", username);
//		request.setAttribute("password", password);
		
		Cookie cookie = new Cookie("username", username);//会话Cookie
		cookie.setMaxAge(0 );  //-1:永不过期     0:删除     大于0(秒):存磁盘    不设置:会话或临时Cookie  
		cookie.setHttpOnly(true);//中设置了HttpOnly属性，那么通过js脚本将无法读取到cookie信息，这样能有效的防止XSS攻击，窃取cookie内容，这样就增加了cookie的安全性
		//cookie.setPath("/path"); //将服务器上的文件目录作为Cookie的适用对象（若不指定则默认为文档所在的文件目录）
		//cookie.setDomain("");//作为 Cookie 适用对象的域名 （若不指定则默认为创建 Cookie的服务器的域名）
		
		response.addCookie(cookie);
		
		//跳转--服务器端
//		request.getRequestDispatcher("IndexServlet").forward(request, response);
		response.sendRedirect("IndexServlet");
	}

}
